Technology Enabling Safe & Secure Banking - Vijayalakshmi R Iyer, CMD, Bank of India

The banking industry has a number of opportunities and challenges in the current economic environment. Technology is one of the critical enablers for reaping the benefits of opportunities and providing a safety net from challenges.

Let’s focus on a little bit of the background of the Indian banking sector before we start commenting on the opportunities and challenges.

The banking sector is exhibiting consistent growth despite a difficult economic and business environment. The industry average is close to 20 per cent. The factors that are providing an impetus to the growth relate to penetration, product expansion and also, among others, extending the reach by adding services and geographies. The shift in demographics will further help the industry grow. Given the appetite of the industry, the sector is opening up for more players. During the current and the next era of growth, we will also see a wide ranging consolidation and alliances that will reshape the industry.

While we consider the above, there is a huge task to look inwards and focus on improving operational systems and processes. Today, most of our internal processes related to HR, planning and strategy, customer satisfaction, marketing and publicity are either manual or semi-automated, resulting into lack of “actionable intelligence”. This definitely requires the creation of an IT governance framework and a technology dashboard so that technology will be treated as a business entity rather than an enabler. I am sure with a proper IT governance framework and automation of processes we can improve the internal efficiency. While IT governance plays a big role in improving process efficiency, there is a plethora of technology solutions which are required to be used for the same purpose.

One such example would be using mobile applications for sales force, for advertisement effectiveness tracking, for internal learning and development. Mobile applications and mobile stores can play a big role here. Another interesting example in this context would be the current scenario where multiple user ids and passwords for different applications are being used by employees. This results into increased stress on the helpdesk and increased chances of password related breaches. When an employee is transferred or superannuated, it requires removing his/her user ID from multiple places. Can we not use a single user id and password given as a kit at the time of joining itself? Like this, there are various areas where technology can play a big role for efficiency improvement for all the employees. The time has come where technology has to be put to use in a cohesive manner rather than in silos to drive some intelligence out of it.

Another important use of technology can come in the area of ‘Proactive Compliance Management’. Investment related to compliance tends to be defensive and is primarily a factor of the current financial condition. Banks have been avoiding spending money when and where they did not have to. Managements have once again started to include compliance projects in their budget discussions and discussion of compliance issues from a strategic standpoint. There remains a high level of uncertainty around regulations, which has tempered people to being proactive in devoting substantial effort around that. Many have created internal task forces or committees where they monitor and evaluate, but we have not seen it turn into a lot of proactive activity at this point.

Forward-thinking banks are seeking ways to link regulatory compliance and competitive advantage. Consultants are being engaged to identify opportunities and help design and implement the change. Examples include, banks changing their operating model and services structure to meet not only compliance requirements but also deal with efficiency. A classic example of that is the current trend on KYC and AML. Technology is helping banks embrace a different model of customer service and meet KYC/AML requirements and compete in the marketplace.

The key question for the sector is, will this growth last and is it sustainable? As investments are directly linked to the answers, the answer will then lie in the opportunities the sector presents. There are a number of demand and supply side factors that will ensure that growth will continue and present varied opportunities. Some of the interesting uses of technology for customers are listed here:

Federated Applications – Banks today have achieved complete success in core banking. The question is, what next? What after Core Banking? Banks have realized the potential of core banking and have started to leverage its usage effectively in terms of connecting various diverse third-party applications like insurance, courier, trading, government departments, etc. so as to have a virtually close network of ‘E-banking services’. I think this kind of perimeterless integration would drive the next era of technology enabled banking.

Cross-Selling – Technology driven data insights will provide front-end teams to target key clients much better and generate cross-selling opportunities.

Employee Retention & Skill Development – One significant challenge before both public and private sector banks is to attract and retain talent as the pool is shifting toward more rewarding and challenging career options. With the help of technology, the senior management is becoming a lot more visible. The learning experiences of the staff are very different as technology-driven learning is changing the course.

Channels – A number of channels are now available and the ones that are growing will change the banks model to reach out to its customers. This will also help optimise costs.

These opportunities can be used and converted into further business and growth. However, it requires a concerted effort and technology deployment. This can create multiple stress points ranging from managing external and/or internal stakeholders to multitude of regulations to security and controls.

The adoption of technology is fraught with risks as regulators will watch the adoption, use, safety and security very carefully. Rightly so, as the risk profile changes very rapidly. A case in point is the use of Internet; it has its own challenges but there are appropriate responses to it such as the recent Cyber Security Policy for India released by CERT-IN.

Instead of incremental fixes and add-ons, banks need to acknowledge that an enterprise-wide approach may be the only viable solution. Although the upfront investment can be significant, this will be outweighed by much improved customer satisfaction, efficiency and organizational effectiveness.

What does this do to the business of banking? For starters, it may spell doom for traditional banking modes. For example, we are seeing the branches are no longer the same old ones, restricted to teller and allied operations. They have transformed.

As we embrace these technologies we will see revolutionary change in the banking system. 

Here are some of the applications of these technologies:

Enterprise Mobility/Mobile – It is increasingly becoming an integral part of any channel strategy for a bank. More so, using mobile computing, banks are innovating. Some of the applications are – automation of meetings; flexibility to work on the banking applications from anywhere, etc.

Social Media – It is becoming popular to engage with consumers. It is one of channels that is being adopted rapidly as a medium to reach out to a vast number of customers.

Big Data – With the availability of a whole bunch of structured and unstructured data, using it for commercial advantage such as increasing penetration amongst consumers, designing new products based on likes and dislikes, reducing travel costs, are some of the examples of the application.

Cloud – Cloud computing is enabling banks to unlock the value that they have within the enterprise. They can create a private cloud to reduce the cost of infrastructure or use a public cloud to pay as you use.

The adoption of these technologies will also lead to a number of benefits such as:

• Consumer satisfaction and penetration
• Cost reduction
• Enhance reach
• Ease of transactions
• Return on investment

However, the adoption of these technologies has its own risks. Some of these risks are:

• Security and Controls – in case of social media, cloud, etc. the control could easily shift from the bank to a third party including, at times, to the consumer.
• Reputation – Social media can have a domino effect; one negative comment and followers thereafter could create an outrage difficult to manage.
• Capability – The kind of capability required is far different from what banks have today. Imagine the volume of structured and unstructured data to shift through to manage any issue.
• Data Leakage – As connectivity to the external world increases, the risk of losing data also increases.

There are some solutions which will need to be embraced to manage these risks:

Reducing Fraud

Banks are increasingly focusing on enterprise risk management, enhancing IT processes by adopting CoBiT and automating these using tools such as IT GRC, amongst others. Security awareness and perils such as password compromise was a key issue to perpetrate fraud. Banks are using newer methods such as two factor authentication both internally and externally to control some of the perils. The other controls that are coming into force are end point protection, data leakage protection, access monitoring, active directory etc.

Fraud management systems, which include online real-time transaction monitoring, are becoming key. These are aided by data analytics and insights from the data to reduce fraud by looking at demographics and psychological behaviours. The following are some of the IT solutions to manage fraud effectively:

• IT Governance: Develop policies, procedures and monitoring mechanism that will enhance the management of IT.
• IT Architecture: Strengthen data, information and application architecture to embrace this technology.
• Social media monitoring needs to be strengthened and additional capability needs to be developed to manage the reputation risks on that medium.
• Security posture needs to be strengthened to reap the benefits of the technologies.

In summary, while the sector is growing rapidly and consistently, operating model changes to drive efficiency, reduce costs, manage risks and fraud will be an important agenda and technology will play a huge role.